I'm planning on upgrading the OS of our primary Kerberos server, from CentOS 5.7 to CentOS 6.5 (essentially the same as RHEL). I'll be using the vendor-provided MIT Kerberos packages. Old version is 1.6.1-62, new version is 1.10.3-10.
We have two slave KDCs, both of them are already on the newer OS and Kerberos versions. As far as I can tell, the slaves appear to work, as I can disable the krb5kdc service on the primary, and nothing breaks. I just want to do a sanity check that I'm not overlooking any important step. I think I can basically follow the instructions provided here: http://web.mit.edu/kerberos/www/krb5-1.2/krb5-1.2.5/doc/install.html but with the exceptions that all the config files will be copied over from the old install: - /etc/krb5.conf - /etc/krb5.keytab - /var/kerberos/krb5kdc/kdc.conf - /var/kerberos/krb5kdc/kadm5.acl And obviously, instead of creating a new database, I'll re-create the old database from a dump. Am I missing anything? Is it safe to copy the old /var/kerberos/krb5kdc directory wholesale? It seems fairly straightforward, perhaps too easy, so just looking for any words of wisdom that could save me some grief. Thanks! Matt ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos